>It can be built without choke points. ISPs could form trust
>relationships with each other and bypass the central mail relay. AOL
>for example could require ISPs to meet certain criteria before they are
>allowed direct connections. ISPs would need to contact AOL, provide
>valid contact into and accept some sort of AUP (I shall not spam
>AOL...) and then be allowed to connect from their IPs. AOL could kick
>that mail server off later if they determine they are spamming.Now there is an idea! However an improved variant is to make the
entire internet a 'trust relationship' using the (obvious) steps you
propose. For several months I have been pondering possible details of
implementing same; see <http://www.camblab.com/misc/univ_std.txt>\.
Comments welcome.Surely it already is ? That is I only announce routes of my customers who I
trust, my upstreams and peers trust me and what i announce to them, their
upstreams/peers do and so on. And yet we still have hijacked netblocks and
ddos's with uncaring sysadmins. Why should email be any different?And if you do implement such a system, the spammers will just adapt.. the
recent
viruses (sobig) are an example of how spammers can open up end user machines to
facilitate sending of email, providing they can control such a host they can
simply relay thro the providers' smtps.. they dont need open relays to send out
their junk!
The proposal at <http://www.camblab.com/misc/univ_std.txt> provides that
mail from compromised sources shall be rejected. This forces the host
sysadmin to secure his system if he wants to communicate with the rest of
the internet. Presently the penalty for negligence is borne by the
victim, not the perpetrator. The unique aspect of the proposal is to
attach consequences to actions, a principle which is used everywhere in
society except the Internet.
Jeffrey Race